Netgate Discussion Forum

    Two gateways, two subnets, one internet, subnet connectivity issue

      marvosa

      My next project to tackle is to follow this tutorial on setting up OpenVPN with PIA: https://forum.pfsense.org/index.php?topic=76015.0
      Do you foresee any issues integrating this with what's going on?

      There are a couple things to consider if you are going to keep the current edge devices in place:

      • As currently connected, since PFsense is double NAT'd behind your edge router (DDWRT), you would first need to forward the OpenVPN listening port over to PFsense. Plus it may be necessary to add a static route on DDWRT for the OpenVPN tunnel network.

      • PFsense is only the gateway for LAN 2, so you'd only be able to route LAN 2's traffic thru the tunnel.

        Live4soccer7

        Yes, that is correct. I only want some of LAN2 traffic on OpenVPN.

        If I can get it working on LAN2 with the pfSense Firewall and NAT disabled then I wouldn't need to forward the listening port over from DDWRT to pfSense, correct?

        I don't really have any additional questions right now as I haven't started to dig in to the project yet. I hope to get to it in a few hours. I think the first step would be to get pfSense configured properly with the NAT/FIREWALL disabled and then move forward from there or I feel like I'll be compounding inefficiencies.

          marvosa

          If I can get it working on LAN2 with the pfSense Firewall and NAT disabled then I wouldn't need to forward the listening port over from DDWRT to pfSense, correct?

          You're right.  I was thinking about server connections, but a connection to PIA would be a client connection.  Long night :)

          If you do ever end up configuring a remote access server, then you would need to forward the listening port though.

            Live4soccer7

            Thanks, I'll be back as I progress through this. I'm going to clean up the connections I have right and then move on to the OpenVPN implementation.

              Live4soccer7

              I have the OpenVPN client set up on the router using this guide: https://www.privateinternetaccess.com/pages/client-support/pfsense

              It worked great, however I'm still at the point where it would be best to disable NAT/Firewall and I'd like to only route specific IPs or an IP range through OpenVPN. If the pfSense box is set up as router only, would I be using static routes somehow, as the NAT/Firewall rules would no longer be functional in the "router only" state?

                Live4soccer7

                Looking more closely at everything, it almost seems like you HAVE to have NAT enabled on the pfSense machine in order to direct specific addresses through the VPN or not.

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.